Privacy‐preserving hands‐free voice authentication leveraging edge technology

Abstract

Although speech recognition technology has improved significantly over the past few years, the absence of reliable voice authentication methods has negatively affected the Internet of Things (IoT). Voice‐activated devices, by design, rely on personal voice biometrics for access‐level security, and insecure voice authentication techniques limit the development of voice interfaces that can deal with multiple users with different privileges. Furthermore, public concerns surrounding biometric systems have been reported. Outsourcing biometric data are liable to various privacy breaches, increasing vulnerability to cyberattacks from both criminal organizations and government agencies. In this article, we address the security and privacy challenges of voice authentication for IoT by presenting an edge‐based, hands‐free, single‐factor authentication scheme that consists of three security‐based features: random phrase verification, anti‐spoof verification, and text‐independent speaker recognition. The use of edge technology allows the integration of this authentication scheme with resource contained IoT devices such as voice assistants. Additionally, privacy is ensured by a novel security protocol that uses chaffing and encryption techniques to protect the users' biometric data stored locally on the edge device. Finally, the scheme does not compromise the user experience as it requires only two short voice inputs.